Use RSoP to view IPSec policy assignments for a computer

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

To use RSoP to view IPSec policy assignments for a computer

  1. Open Resultant Set of Policy.

    An RSoP query runs in logging mode. For more information, see Related Topics.

  2. In the console tree, click IP Security Policies.

    Where?

    • Computer Configuration/Windows Settings/Security Settings/IP Security Policies

    The list of all IPSec policies is displayed in the details pane.

  3. To view detailed policy settings for the IPSec policy that is being applied, in the details pane, right-click the policy with the highest precedence, and then click Properties.

Notes

  • To open RSoP, click Start, click Run, type rsop.msc, and then click OK.

  • To run an RSoP query in logging mode, see Related Topics.

  • The RSoP console displays detailed IPSec policy settings for only the policy that is being applied. The detailed policy settings include the filter rules, filter actions, authentication methods, tunnel endpoints, and connection type.

  • The details pane in the RSoP console provides two ways to indicate which IPSec policy is being applied:

    • The lower the number in the Precedence column, the higher the precedence of the IPSec policy. The IPSec policy with a precedence number of 1 is the policy that is being applied.

    • In the Name column, the folder icon that precedes the name of the IPSec policy that is being applied contains a green dot.

  • The settings of the IPSec policy with the highest precedence apply in their entirety; they are not merged with the settings of IPSec policies that are assigned at higher levels of the Active Directory hierarchy. For more information about using RSoP to view IPSec policy assignments, see Related Topics.

  • If a local user overrides domain-level IPSec policies with a local IPSec policy, RSoP does not detect the application of the local IPSec policy. As a result, no IPSec policies will be displayed in the RSoP console when a logging mode query is run.

  • To hide or display columns in the RSoP console, see Related Topics.

Information about functional differences

  • Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.

See Also

Concepts

Run RSoP
Access RSoP data for an existing computer and user (logging mode)
RSoP logging mode
Hide or display columns in an MMC console
Using Resultant Set of Policy to view IPSec policy assignments